Saturday, May 21, 2016

DA Is Dead Wrong on Encryption

The last person San Diego should trust with their computers and smartphones is District Attorney Bonnie Dumanis.

Last week, Dumanis joined district attorneys in Los Angeles and Manhattan in supporting a fundamentally flawed Senate proposal they’re trying to brand as the National Technology Bill. If anything, the legislation sponsored by Sens. Richard M. Burr and Dianne Feinstein is an anti-technology bill, since it would require tech companies to weaken the security of their products and break encryption meant to protect their customers.

Dumanis and her colleagues argue that this bill would assist law enforcement, but they fail to mention the cost: the safety of all Americans’ data.

One needs only look at Dumanis’ track record on technology to understand that the district attorney is not credible on this issue.

In 2012, Dumanis spent $25,000 in public money on 5,000 copies of a piece of “parental monitoring” software called ComputerCop. This CD-ROM, which was distributed to families throughout the county for free, included a video from Dumanis promoting the program as the “first step” in protecting your children online.

This first step, however, involved parents installing keylogger software on their home computers. This type of technology is a favorite tool of malicious hackers, since it captures everything a user types, including personal information such as passwords and credit card numbers. Not only did ComputerCop store keylogs in an unencrypted file on the person’s computer, but it also transmitted some of that information over unsecured connections to a mysterious third-party server. If your child was sitting at a coffee shop, connecting a laptop with ComputerCop to an open Wi-Fi network, any two-bit hacker, identity thief or cyber-bully could snatch what your child typed right out of the air.

In other words, Dumanis was promoting software that installed faulty backdoors into home computers. The software did the opposite of its intent: Rather than protecting families, it actually made families less safe.

…

Dumanis and her cohorts want Congress to force tech companies to create backdoors into your computers and devices or to simply remove basic security protections on the devices and software we all use every day.

Computer scientists and security researchers around the country have slammed the proposals, asserting that there is no way whatsoever to create a backdoor that can’t be exploited by malicious hackers or even foreign governments.